diff options
| author | Sami Tolvanen <samitolvanen@google.com> | 2016-02-05 14:27:52 -0800 |
|---|---|---|
| committer | Sami Tolvanen <samitolvanen@google.com> | 2016-02-16 12:54:54 -0800 |
| commit | d122ee65b66b5b33d51302dabbaa0d6c84597549 (patch) | |
| tree | 7db4bec615675ece9d7f2107f7bbf8266a72a2c1 /logd/Android.mk | |
| parent | 06bfaa7078c1200357e1e2a0e634d5a8662b60ee (diff) | |
| download | system_core-d122ee65b66b5b33d51302dabbaa0d6c84597549.tar.gz system_core-d122ee65b66b5b33d51302dabbaa0d6c84597549.tar.bz2 system_core-d122ee65b66b5b33d51302dabbaa0d6c84597549.zip | |
logd: enforce policy integrity
If a SELinux policy change or a switch to permissive mode is detected
on a user build, restart the device into safe mode, and keep it there
until an OTA is applied or user data is wiped.
This change deprecates the ro.logd.auditd property.
Needs matching changes from
I781c3059ea8d4fb2f0c923e4488b1932d69678d3
Ica825cf2af74f5624cf4091544bd24bb5482dbe7
Id3ca7889ede30b54b7af73dd50653ca1a20d59aa
Bug: 26902605
Change-Id: Idcdc5bff133f13c1267f0ec0a75cc8cf1ddbda0d
Diffstat (limited to 'logd/Android.mk')
| -rw-r--r-- | logd/Android.mk | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/logd/Android.mk b/logd/Android.mk index feca8d555..203943c31 100644 --- a/logd/Android.mk +++ b/logd/Android.mk @@ -42,6 +42,10 @@ event_flag := -DAUDITD_LOG_TAG=1003 -DLOGD_LOG_TAG=1004 LOCAL_CFLAGS := -Werror $(event_flag) +ifeq ($(TARGET_BUILD_VARIANT),user) +LOCAL_CFLAGS += -DAUDITD_ENFORCE_INTEGRITY=true +endif + include $(BUILD_EXECUTABLE) include $(call first-makefiles-under,$(LOCAL_PATH)) |